summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Sima <ben@bsima.me>2019-05-07 14:13:46 -0700
committerBen Sima <ben@bsima.me>2019-05-07 14:13:46 -0700
commit3745e5c19acb77cbf287cc1d6ba0d0a08703e7f3 (patch)
tree59a17eee841072cc3b25555dcc0d87438cb86187
parent479742da8a3c83d92997a31a4c58608a65ebc8af (diff)
add helium and refactor lithium
-rw-r--r--common.nix3
-rw-r--r--linux.nix4
-rw-r--r--machines/helium.nix118
-rw-r--r--machines/lithium.nix31
-rw-r--r--machines/users.nix31
5 files changed, 153 insertions, 34 deletions
diff --git a/common.nix b/common.nix
index 818ddb5..a48eb94 100644
--- a/common.nix
+++ b/common.nix
@@ -4,6 +4,7 @@ let
homedir = builtins.getEnv "HOME";
locale = "en_US.UTF-8";
gpgid = "D09299626FA78AF8";
+ gitCommitTemplate = ./git-commit-template;
in
{
home = {
@@ -78,7 +79,7 @@ in
default = simple
[commit]
- template = ~/.config/nixpkgs/git-commit-template
+ template = ${gitCommitTemplate}
[sendemail]
smtpuser = ben@bsima.me
diff --git a/linux.nix b/linux.nix
index 62ea2d8..af0cb60 100644
--- a/linux.nix
+++ b/linux.nix
@@ -66,7 +66,7 @@ in
"bar/top" = {
font-0 = "mononoki:size-10";
monitor = "\${env:MONITOR:eDP1}";
- monitor-fallback = "HDMI1";
+ monitor-fallback = "\${env:MONITOR:eDP-1}";
width = "100%";
height = "2%";
radius = 0;
@@ -178,13 +178,13 @@ in
gpg-agent = {
enable = true;
+ enableScDaemon = true;
defaultCacheTtl = 72000;
maxCacheTtl = 7200;
enableSshSupport = true;
verbose = true;
extraConfig = ''
allow-emacs-pinentry
- #pinentry-program /home/ben/.nix-profile/bin/pinentry-tty
'';
};
};
diff --git a/machines/helium.nix b/machines/helium.nix
new file mode 100644
index 0000000..8bbeebc
--- /dev/null
+++ b/machines/helium.nix
@@ -0,0 +1,118 @@
+{ config, lib, pkgs, ... }:
+
+{
+
+ networking = {
+ hostName = "helium";
+ networkmanager.enable = true;
+ };
+
+ time.timeZone = "America/Los_Angeles";
+
+ environment.systemPackages = with pkgs; [
+ wget
+ vnstat
+ ];
+
+ fonts.fonts = with pkgs; [
+ google-fonts mononoki source-code-pro fantasque-sans-mono hack-font
+ fira fira-code fira-code-symbols
+ ];
+
+ nixpkgs = {
+ config = {
+ allowUnfree = true;
+ allowBroken = true;
+ };
+ };
+
+ hardware = {
+ opengl.enable = true;
+ pulseaudio = {
+ enable = true;
+ extraConfig = ''
+ load-module module-loopback
+ '';
+ };
+ };
+
+ programs = {
+ bash.enableCompletion = true;
+ command-not-found.enable = true;
+ gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+ mosh.enable = true;
+ };
+
+ services = {
+ pcscd = {
+ enable = true;
+ };
+
+ fractalart = {
+ enable = true;
+ };
+
+ logind = {
+ lidSwitch = "suspend";
+ extraConfig = "IdleAction=lock";
+ };
+
+ printing.enable = true;
+
+ xserver = {
+ enable = true;
+ layout = "us";
+ libinput.enable = true;
+
+ displayManager.sddm.enable = true;
+
+ desktopManager = {
+ plasma5.enable = true;
+ xterm.enable = true;
+ };
+ };
+
+ vnstat.enable = true;
+
+ # security stuff
+ fail2ban.enable = false;
+ clamav = {
+ daemon.enable = false;
+ updater.enable = false;
+ };
+ };
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ powerManagement.enable = true;
+
+ nix = {
+ gc = {
+ automatic = true;
+ dates = "03:15";
+ };
+ binaryCaches = [ "https://cache.nixos.org/" ];
+ nixPath = [
+ "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs"
+ "nixos-config=/etc/nixos/configuration.nix"
+ "/nix/var/nix/profiles/per-user/root/channels"
+ ];
+ extraOptions = ''
+ gc-keep-outputs = true
+ gc-keep-derivations = true
+ '';
+ };
+
+ # This value determines the NixOS release with which your system is to be
+ # compatible, in order to avoid breaking some software such as database
+ # servers. You should change this only after NixOS release notes say you
+ # should.
+ system.stateVersion = "19.03"; # Did you read the comment?
+ system.autoUpgrade.enable = true;
+
+}
diff --git a/machines/lithium.nix b/machines/lithium.nix
index 7ccc93c..9d2db53 100644
--- a/machines/lithium.nix
+++ b/machines/lithium.nix
@@ -3,9 +3,6 @@
let
myIp = "68.107.97.20"; # hiddor-kahih
gitDir = "/srv/git";
- benKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiNB0iF9ClawNEizBtdYucqp1tAXXRbqvlPS6PFRrtiwSl+SJD29BCLgA5rLxcmFhBHZ/iId/En7GPFEzI/gMu071J7pUI4OcW0UVZju3GNc6ZEz/a6AD2u79JiXEDHfPEdmMqAe36kkaK0KJWSQP3xsFRwJ+8F8HHbSwoCLL+GJhBgAWHQLGfKesNrDacNljNDU3CgkEnDmu8QKuSzH2k1vrr69q2u2iMSAdiStDBAWEjN5nCVrm2XB2vmFLMtXpX2n8JI+znOGzRRDc8dNXejQeDMZGyV6jfVidEIX7vdgSydGjTRKcCLVAsKY3z0gYBZ8u8EUNujgcFBnnAvytj ben@neb";
- nickKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDfSOxXJTQADjROqbaiJtjbJaHTsBtuWNvQpDvXLigl9R27VqIn7dYk2STuWglwFyrvYfU1UmjgJcJ6J2KbXGTH5mhaC04MJ4aqmOR3Ynnq7nDzmtEtn1I+K7LmpFXsFXgOTzIlzggIWflGd1pPBwgWqMoPDcSqNQFPI/+rk1JOxk3e2Mq60VTp9WM9hs0AJQEyZ+wwZ0vyrj588kQb6jQUZ7qx1UZoDzPc57zREEZbQeU1Gd9FK2bCHlKOBHYlqIftSRBGGCpuo7zobhajR0xHO9RnF0NmeLbW85XhDus8vVgBg/BTDPxHEzm5jKiCkc+i3ia0Ff9mp2zgtSdXCp5jbVZ3AYfYLi1zbPWmaSdWqFx2ntOLwWR3/RHjw6+b4KmUQ4xtQHyXOijTBCH29i7VCo7l8WL+I2mSGJ7/Wtw7NFtMpVVs8/0iKt2t12FIefzvbZoWU7vbmuO7+gQI5l+F+JE6DLWOl04vT/V98WxiHA5rbCjTT/bubs4gTeCR9qNehaoM+apitpUP8HXygnxD7EJeK6JNkdub9TY663IkiKlpnWgeoDTNSP7JF/jkU0Nt8yoR2pTyxQqMFYa37/3WKjmSHk1TgxLEmlwHQFtIkTPn8PL+VLa4ACYuWUjxS4aMRpxo9eJUHdy0Y04yKxXN8BLw7FAhytm2pTXtT4zqaQ== nicksima@gmail.com";
- dreKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBaWLX6UpkiFZmS9OX8mcXIdmvxmHfP/v+8Sx9j3PCbFA+Jaj+PlCCiX/iLOL4Vgq3aQQpBg0FQWttLdCrGbTpnADfmU5TlbUk/9YEhPZG3MP1rYGtpIqmWFEWKGaiJHeW2SRVgnbJFwFKUtrsCQ/OAVENJTZ2xsn/t3xGYfCXqhs2jVctZmuhyO+Qw5KuAgIdr96+QsBVA1V/BdadDicDUgS7ixHyzECME9YT5ldj8YcsJcD4G07bfg7omF5s263BHx0sLpXKRQbIvcVcdnoAZK0JQEaz9adWaMzRuDhP+hMcsF4T2O1ZRLW4nsDRnK5N+KWO5317Jr8eVCqEpSQr aulloa@WINDOWS-DI0KOEL";
in
{
@@ -97,11 +94,6 @@ in
forwardX11 = true;
};
- offlineimap = {
- enable = true;
- install = true;
- };
-
deluge = {
enable = true;
openFilesLimit = 10240;
@@ -282,29 +274,6 @@ in
};
};
- users = {
- users = {
- ben = {
- isNormalUser = true;
- home = "/home/ben";
- openssh.authorizedKeys.keys = [ "${benKey}" ];
- extraGroups = [ "wheel" "networkmanager" "docker" ];
- };
- nick = {
- isNormalUser = true;
- home = "/home/nick";
- openssh.authorizedKeys.keys = [ "${nickKey}" ];
- extraGroups = [ "docker" ];
- };
- dre = {
- isNormalUser = true;
- home = "/home/dre";
- openssh.authorizedKeys.keys = [ "${dreKey}" ];
- extraGroups = [ "docker" ];
- };
- };
- };
-
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
diff --git a/machines/users.nix b/machines/users.nix
new file mode 100644
index 0000000..5d20b58
--- /dev/null
+++ b/machines/users.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+let
+ benKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiNB0iF9ClawNEizBtdYucqp1tAXXRbqvlPS6PFRrtiwSl+SJD29BCLgA5rLxcmFhBHZ/iId/En7GPFEzI/gMu071J7pUI4OcW0UVZju3GNc6ZEz/a6AD2u79JiXEDHfPEdmMqAe36kkaK0KJWSQP3xsFRwJ+8F8HHbSwoCLL+GJhBgAWHQLGfKesNrDacNljNDU3CgkEnDmu8QKuSzH2k1vrr69q2u2iMSAdiStDBAWEjN5nCVrm2XB2vmFLMtXpX2n8JI+znOGzRRDc8dNXejQeDMZGyV6jfVidEIX7vdgSydGjTRKcCLVAsKY3z0gYBZ8u8EUNujgcFBnnAvytj ben@neb";
+ nickKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDfSOxXJTQADjROqbaiJtjbJaHTsBtuWNvQpDvXLigl9R27VqIn7dYk2STuWglwFyrvYfU1UmjgJcJ6J2KbXGTH5mhaC04MJ4aqmOR3Ynnq7nDzmtEtn1I+K7LmpFXsFXgOTzIlzggIWflGd1pPBwgWqMoPDcSqNQFPI/+rk1JOxk3e2Mq60VTp9WM9hs0AJQEyZ+wwZ0vyrj588kQb6jQUZ7qx1UZoDzPc57zREEZbQeU1Gd9FK2bCHlKOBHYlqIftSRBGGCpuo7zobhajR0xHO9RnF0NmeLbW85XhDus8vVgBg/BTDPxHEzm5jKiCkc+i3ia0Ff9mp2zgtSdXCp5jbVZ3AYfYLi1zbPWmaSdWqFx2ntOLwWR3/RHjw6+b4KmUQ4xtQHyXOijTBCH29i7VCo7l8WL+I2mSGJ7/Wtw7NFtMpVVs8/0iKt2t12FIefzvbZoWU7vbmuO7+gQI5l+F+JE6DLWOl04vT/V98WxiHA5rbCjTT/bubs4gTeCR9qNehaoM+apitpUP8HXygnxD7EJeK6JNkdub9TY663IkiKlpnWgeoDTNSP7JF/jkU0Nt8yoR2pTyxQqMFYa37/3WKjmSHk1TgxLEmlwHQFtIkTPn8PL+VLa4ACYuWUjxS4aMRpxo9eJUHdy0Y04yKxXN8BLw7FAhytm2pTXtT4zqaQ== nicksima@gmail.com";
+ dreKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBaWLX6UpkiFZmS9OX8mcXIdmvxmHfP/v+8Sx9j3PCbFA+Jaj+PlCCiX/iLOL4Vgq3aQQpBg0FQWttLdCrGbTpnADfmU5TlbUk/9YEhPZG3MP1rYGtpIqmWFEWKGaiJHeW2SRVgnbJFwFKUtrsCQ/OAVENJTZ2xsn/t3xGYfCXqhs2jVctZmuhyO+Qw5KuAgIdr96+QsBVA1V/BdadDicDUgS7ixHyzECME9YT5ldj8YcsJcD4G07bfg7omF5s263BHx0sLpXKRQbIvcVcdnoAZK0JQEaz9adWaMzRuDhP+hMcsF4T2O1ZRLW4nsDRnK5N+KWO5317Jr8eVCqEpSQr aulloa@WINDOWS-DI0KOEL";
+in
+{
+ users = {
+ users = {
+ ben = {
+ isNormalUser = true;
+ home = "/home/ben";
+ openssh.authorizedKeys.keys = [ "${benKey}" ];
+ extraGroups = [ "wheel" "networkmanager" "docker" ];
+ };
+ nick = {
+ isNormalUser = true;
+ home = "/home/nick";
+ openssh.authorizedKeys.keys = [ "${nickKey}" ];
+ extraGroups = [ "docker" ];
+ };
+ dre = {
+ isNormalUser = true;
+ home = "/home/dre";
+ openssh.authorizedKeys.keys = [ "${dreKey}" ];
+ extraGroups = [ "docker" ];
+ };
+ };
+ };
+}